Investigation by investigative journalism outlet IStories (EN version by OCCRP) shows that Telegram uses a single, FSB-linked company as their infrastructure provider globally.

Telegram’s MTProto protocol also requires a cleartext identifier to be prepended to all client-server messages.

Combined, these two choices by Telegram make it into a surveillance tool.

I am quoted in the IStories story. I also did packet captures, and I dive into the nitty-gritty technical details on my blog.

Packet captures and the MTProto deobfuscation library I wrote are linked therein so that others can retrace my steps and check my work.

  • rysiek@szmer.info (OP)
    5 months ago

    > There were reports (claims I suppose) that the FSB were using Telegram to organise the stochastic gig job sabotage across Europe

    No no, reports: https://www.msn.com/en-in/news/world/russia-uses-telegram-to-recruit-spies-and-saboteurs-in-europe/ar-AA1xshqO

    > Does what has been found here shed any more light on that?

    Not really/not directly, I would say. What you are describing is FSB using Telegram for recruitment. That does not require network-level observability and surveillance. That’s a different “feature”, so to speak.

    • FarceOfWill@infosec.pub
      5 months ago

      It’s not that I don’t believe them, but anything coming from spooks has to be looked at a little sideways.

      Thanks for the reply. I just couldn’t figure out how they had enough intelligence to find all these Telegram groups, maybe that’s easier for a nation state than I thought.

      • rysiek@szmer.info (OP)
        5 months ago

        It’s trivial for a nation state, they have lists of these groups. These groups are promoted in other groups and other channels and other forums and eventually reach somebody who will make a note of them.